Skip to content

Commit

Permalink
Merge pull request #2 from dBildungsplattform/OPS-5284-Update_curl_CV…
Browse files Browse the repository at this point in the history 
…E-2023-38545_CVE-2023-38546

Update Base image version, so that installing curl 8.5 with apk is po…
  • Loading branch information
@JannikBadenhop
JannikBadenhop authored Feb 15, 2024
2 parents 21a58b9 + 19ebbd7 commit 5462c8a
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM nginx:1.17.10-alpine
FROM nginx:1.21-alpine

EXPOSE 8000
CMD ["/sbin/entrypoint.sh"]
Expand Down Expand Up @@ -54,6 +54,8 @@ RUN apk add --no-cache --update \
wget sqlite git curl bash grep \
supervisor

# upgrade curl to address CVE-2023-38545 and liburl as dependency
RUN apk upgrade --no-cache --update -U libcurl curl
# forward request and error logs to docker log collector
RUN ln -sf /dev/stdout /var/log/nginx/access.log && \
ln -sf /dev/stderr /var/log/nginx/error.log && \
Expand Down

0 comments on commit 5462c8a

Please sign in to comment.